Prosím o kontrolu logu děkuji

Zpráva

bmwacs · #1 Příspěvek od **bmwacs** » 11 kvě 2013 11:31

Logfile of random's system information tool 1.09 (written by random/random)
Run by Matt at 2013-05-11 12:30:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 21 GB (28%) free of 76 GB
Total RAM: 2047 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:31:04, on 11.5.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ZyXEL\NWD-270N\Common\RalinkRegistryWriter.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ZyXEL\NWD-270N\Common\NWD-270N.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Matt\Plocha\RSIT.exe
C:\Program Files\trend micro\Matt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb201?a=6PQX4gseeA&i=26
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [GEST] m‘|Pë
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Matt\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: WinMySQLadmin.lnk = C:\apache\mysql\bin\winmysqladmin.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\ZyXEL\NWD-270N\Common\RalinkRegistryWriter.exe

--
End of file - 6625 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-484763869-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-484763869-839522115-1003UA.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F0761E82-9E0D-4738-BA00-7533A8120EF1}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.5.6.0, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://mystart.incredibar.com/mb201/?lo ... 26&search="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\IB Updater\Firefox

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
firmycz.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
mapycz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
zbocz.xml

C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\extensions\
ffxtlbr@incredibar.com
{687578b9-7132-4a7a-80e4-30ee31099e03}
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\searchplugins\
MyStart Search.xml
wowhead.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-07 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-11-22 4529344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-07 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-04-07 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GEST"=m‘|Pë []
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-12-04 665424]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-09-03 19573352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Matt\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-12-01 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

C:\Documents and Settings\Matt\Nabídka Start\Programy\Po spuštění
WinMySQLadmin.lnk - C:\apache\mysql\bin\winmysqladmin.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\apache\Apache.exe"="C:\apache\Apache.exe:*:Disabled:Apache"
"D:\Games\Command & Conquer 4 Tiberian Twilight\Data\CNC4SERVER.exe"="D:\Games\Command & Conquer 4 Tiberian Twilight\Data\CNC4SERVER.exe:*:Enabled:CNC4SERVER"
"D:\Games\Command & Conquer 4 Tiberian Twilight\Data\CNC4.exe"="D:\Games\Command & Conquer 4 Tiberian Twilight\Data\CNC4.exe:*:Disabled:Command & Conquer™ 4"
"D:\Games\Elven Legacy\ElvenLegacy.exe"="D:\Games\Elven Legacy\ElvenLegacy.exe:*:Enabled:Elven Legacy"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1040\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1040\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1363\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1363\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1544\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1544\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\WINDOWS\system32\dmwu.exe"="C:\WINDOWS\system32\dmwu.exe:*:Enabled:dmwu"
"C:\WINDOWS\system32\ARFC\wrtc.exe"="C:\WINDOWS\system32\ARFC\wrtc.exe:*:Enabled:wrtc"
"D:\Games\Elven Legacy\magic.exe"="D:\Games\Elven Legacy\magic.exe:*:Enabled:Elven Legacy: Magic"
"D:\Games\Elven Legacy\siege.exe"="D:\Games\Elven Legacy\siege.exe:*:Enabled:Elven Legacy: Siege"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1637\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1637\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Program Files\Diablo III\Diablo III.exe"="C:\Program Files\Diablo III\Diablo III.exe:*:Enabled:Diablo III"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1675\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1675\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1737\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1737\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Program Files\PANDORA.TV\PanService\PanProcess.exe"="C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"D:\Games\Dragon Age 2\bin_ship\DragonAge2.exe"="D:\Games\Dragon Age 2\bin_ship\DragonAge2.exe:*:Enabled:Dragon Age II"
"D:\Games\Dragon Age 2\DragonAge2Launcher.exe"="D:\Games\Dragon Age 2\DragonAge2Launcher.exe:*:Enabled:Dragon Age II Launcher"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.ffds"=ffdshow.ax
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.ac3filter"=ac3filter.acm
"VIDC.WMV3"=wmv9vcm.dll

======List of files/folders created in the last 1 month======

2013-04-20 16:48:35 ----D---- C:\Documents and Settings\Matt\Data aplikací\Unity
2013-04-12 18:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2808735$
2013-04-12 18:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2013-04-12 18:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$
2013-04-12 18:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2813170$
2013-04-12 17:59:24 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-05-11 12:31:02 ----D---- C:\Program Files\trend micro
2013-05-11 12:27:14 ----D---- C:\Documents and Settings\Matt\Data aplikací\uTorrent
2013-05-11 12:26:46 ----D---- C:\WINDOWS\Temp
2013-05-11 12:26:46 ----D---- C:\WINDOWS\Minidump
2013-05-11 12:26:46 ----D---- C:\WINDOWS
2013-05-11 12:24:46 ----D---- C:\Program Files\CCleaner
2013-05-11 12:23:55 ----D---- C:\Program Files\SpeedFan
2013-05-11 12:22:19 ----SHD---- C:\WINDOWS\Installer
2013-05-11 12:22:12 ----RD---- C:\Program Files\Skype
2013-05-11 12:22:12 ----D---- C:\Program Files\Common Files
2013-05-11 12:22:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-05-11 12:22:11 ----D---- C:\Documents and Settings\Matt\Data aplikací\Skype
2013-05-11 12:16:08 ----SD---- C:\WINDOWS\Tasks
2013-05-11 12:10:36 ----D---- C:\Program Files\The KMPlayer
2013-05-11 12:07:24 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-11 12:06:15 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-11 01:42:03 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-05-10 23:50:51 ----D---- C:\WINDOWS\Prefetch
2013-05-09 19:18:51 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2013-05-08 16:27:39 ----RD---- C:\Program Files
2013-05-08 15:47:41 ----A---- C:\WINDOWS\AviSplitter.INI
2013-05-04 00:33:49 ----D---- C:\Program Files\PokerStars
2013-05-02 20:12:34 ----D---- C:\Program Files\uTorrent
2013-05-02 17:28:50 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-04-21 18:21:23 ----D---- C:\Documents and Settings\Matt\Data aplikací\DAEMON Tools Lite
2013-04-21 18:21:14 ----D---- C:\WINDOWS\Debug
2013-04-21 18:04:52 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-04-21 18:03:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-04-15 21:35:40 ----A---- C:\WINDOWS\NeroDigital.ini
2013-04-15 20:18:35 ----D---- C:\WINDOWS\system32
2013-04-14 23:33:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-04-14 23:33:05 ----D---- C:\WINDOWS\system32\drivers
2013-04-14 23:33:02 ----D---- C:\Program Files\NVIDIA Corporation
2013-04-14 23:32:47 ----HD---- C:\WINDOWS\inf
2013-04-14 23:32:46 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-04-12 18:04:38 ----D---- C:\Program Files\Internet Explorer
2013-04-12 18:04:30 ----D---- C:\WINDOWS\ie8updates
2013-04-12 18:04:19 ----HD---- C:\WINDOWS\$hf_mig$
2013-04-12 18:04:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-04-12 18:00:50 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2013-01-27 242240]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-11-24 21361]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-09-03 6139496]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 rt2870;%Generic.Service.DispName%; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2008-10-01 637952]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-25 691696]
S1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
S2 cpuz135;cpuz135; \??\C:\WINDOWS\system32\drivers\cpuz135_x32.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-08-12 71936]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files\ZyXEL\NWD-270N\Common\RalinkRegistryWriter.exe [2008-05-13 69632]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-01-03 156600]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-03 1259448]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-21 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinDefend;Windows Defender; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 11 kvě 2013 14:34

Zdravím.

Vydrž minutku, na logu se intenzivně pracuje. Obrázek

#3 Příspěvek od **Mc_Murphy** » 11 kvě 2013 14:38

Příště, když Tě Rádce požádá, abys mu napsal, jak je na tom počítač, tak to prosím udělej, ju (viz poslední prohlídka)?

Stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulož jej nejlépe na Plochu.
Ukonči všechny programy!!
Spusť AdwCleaner.
Klikni na [Search].
Proběhne scan a pak se objeví log, který bude případně uložen na systémovém disku jako AdwCleaner[R?].txt - ten mi sem vlož.

bmwacs · #4 Příspěvek od **bmwacs** » 11 kvě 2013 19:16

Omlouvám se za to že jsem nenapsal.

# AdwCleaner v2.300 - Log vytvooen 11/05/2013 v 20:12:35
# Aktualizováno 28/04/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Matt - MATT-A14BB20269
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Matt\Plocha\adwcleaner.exe
# Volba [Prohledat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Ask
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\Conduit
Složka Nalezeno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\ConduitCommon
Složka Nalezeno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\CT1750559
Složka Nalezeno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\CT3072253
Složka Nalezeno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Složka Nalezeno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Složka Nalezeno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\extensions\ffxtlbr@incredibar.com
Složka Nalezeno : C:\Documents and Settings\Matt\Local Settings\Data aplikací\APN
Složka Nalezeno : C:\Documents and Settings\Matt\Local Settings\Data aplikací\Conduit
Složka Nalezeno : C:\Program Files\Conduit
Složka Nalezeno : C:\Program Files\DAEMON Tools Toolbar
Složka Nalezeno : C:\Program Files\ICQ6Toolbar
Složka Nalezeno : C:\Program Files\Perion
Soubor Nalezeno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\searchplugins\MyStart Search.xml
Soubor Nalezeno : C:\user.js

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\IM
Klíe Nalezeno : HKCU\Software\ImInstaller
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT2645238
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Klíe Nalezeno : HKLM\Software\IB Updater
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKU\S-1-5-21-606747145-484763869-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKU\S-1-5-21-606747145-484763869-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Nalezeno : HKU\S-1-5-21-606747145-484763869-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKU\S-1-5-21-606747145-484763869-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb201?a=6PQX4gseeA&i=26
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\prefs.js

Nalezeno : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Nalezeno : user_pref("CT1750559.CTID", "CT1750559");
Nalezeno : user_pref("CT1750559.CurrentServerDate", "26-1-2011");
Nalezeno : user_pref("CT1750559.DialogsAlignMode", "LTR");
Nalezeno : user_pref("CT1750559.FirstServerDate", "12-12-2010");
Nalezeno : user_pref("CT1750559.FirstTime", true);
Nalezeno : user_pref("CT1750559.FirstTimeFF3", true);
Nalezeno : user_pref("CT1750559.FixPageNotFoundErrors", true);
Nalezeno : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Nalezeno : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Nalezeno : user_pref("CT1750559.Initialize", true);
Nalezeno : user_pref("CT1750559.InitializeCommonPrefs", true);
Nalezeno : user_pref("CT1750559.InstalledDate", "Sun Dec 12 2010 13:34:44 GMT+0100");
Nalezeno : user_pref("CT1750559.InvalidateCache", false);
Nalezeno : user_pref("CT1750559.IsGrouping", false);
Nalezeno : user_pref("CT1750559.IsMulticommunity", false);
Nalezeno : user_pref("CT1750559.IsOpenThankYouPage", true);
Nalezeno : user_pref("CT1750559.IsOpenUninstallPage", true);
Nalezeno : user_pref("CT1750559.LanguagePackLastCheckTime", "Sun Oct 16 2011 21:42:04 GMT+0200");
Nalezeno : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Nalezeno : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Nalezeno : user_pref("CT1750559.LastLogin_2.5.6.0", "Sun Oct 16 2011 21:42:07 GMT+0200");
Nalezeno : user_pref("CT1750559.LatestVersion", "3.2.5.2");
Nalezeno : user_pref("CT1750559.Locale", "en-us");
Nalezeno : user_pref("CT1750559.LoginCache", 4);
Nalezeno : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Nalezeno : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Nalezeno : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Nalezeno : user_pref("CT1750559.RadioIsPodcast", false);
Nalezeno : user_pref("CT1750559.RadioLastCheckTime", "Sun Oct 16 2011 21:42:03 GMT+0200");
Nalezeno : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Nalezeno : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Nalezeno : user_pref("CT1750559.RadioMediaID", "11237206");
Nalezeno : user_pref("CT1750559.RadioMediaType", "Media Player");
Nalezeno : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Nalezeno : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Nalezeno : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Nalezeno : user_pref("CT1750559.SHRINK_TOOLBAR", 1);
Nalezeno : user_pref("CT1750559.SavedHomepage", "hxxp://www.seznam.cz");
Nalezeno : user_pref("CT1750559.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Nalezeno : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Nalezeno : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT175[...]
Nalezeno : user_pref("CT1750559.SearchInNewTabEnabled", true);
Nalezeno : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Nalezeno : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Sun Oct 16 2011 21:42:02 GMT+0200");
Nalezeno : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Nalezeno : user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Nalezeno : user_pref("CT1750559.SettingsCheckIntervalMin", 120);
Nalezeno : user_pref("CT1750559.SettingsLastCheckTime", "Sun Oct 16 2011 21:42:02 GMT+0200");
Nalezeno : user_pref("CT1750559.SettingsLastUpdate", "1316435446");
Nalezeno : user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
Nalezeno : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Sun Oct 16 2011 21:42:02 GMT+0200");
Nalezeno : user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1312887586");
Nalezeno : user_pref("CT1750559.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Nalezeno : user_pref("CT1750559.UserID", "UN55813428512695778");
Nalezeno : user_pref("CT1750559.WeatherNetwork", "");
Nalezeno : user_pref("CT1750559.WeatherPollDate", "Sun Oct 16 2011 21:42:04 GMT+0200");
Nalezeno : user_pref("CT1750559.WeatherUnit", "C");
Nalezeno : user_pref("CT1750559.alertChannelId", "31130");
Nalezeno : user_pref("CT1750559.backendstorage.amazonnew_all", "313534333131312C313637333032312C313637333134312[...]
Nalezeno : user_pref("CT1750559.backendstorage.appbuttondisablenull", "30");
Nalezeno : user_pref("CT1750559.clientLogIsEnabled", false);
Nalezeno : user_pref("CT1750559.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Nalezeno : user_pref("CT1750559.myStuffEnabled", true);
Nalezeno : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Nalezeno : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Nalezeno : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Nalezeno : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Nalezeno : user_pref("CT1750559.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Nalezeno : user_pref("CT3072253..clientLogIsEnabled", true);
Nalezeno : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Nalezeno : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Nalezeno : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Nalezeno : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Nalezeno : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Nalezeno : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Nalezeno : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Nalezeno : user_pref("CT3072253.CTID", "CT3072253");
Nalezeno : user_pref("CT3072253.CommunitiesChangesLastCheckTime", "0");
Nalezeno : user_pref("CT3072253.CurrentServerDate", "12-5-2012");
Nalezeno : user_pref("CT3072253.DSInstall", false);
Nalezeno : user_pref("CT3072253.DialogsAlignMode", "LTR");
Nalezeno : user_pref("CT3072253.DialogsGetterLastCheckTime", "Sat May 12 2012 10:11:55 GMT+0200");
Nalezeno : user_pref("CT3072253.DownloadReferralCookieData", "");
Nalezeno : user_pref("CT3072253.FirstServerDate", "4-5-2012");
Nalezeno : user_pref("CT3072253.FirstTime", true);
Nalezeno : user_pref("CT3072253.FirstTimeFF3", true);
Nalezeno : user_pref("CT3072253.FixPageNotFoundErrors", true);
Nalezeno : user_pref("CT3072253.GroupingInvalidateCache", false);
Nalezeno : user_pref("CT3072253.GroupingLastCheckTime", "0");
Nalezeno : user_pref("CT3072253.GroupingLastServerUpdateTime", "0");
Nalezeno : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Nalezeno : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Nalezeno : user_pref("CT3072253.HPInstall", false);
Nalezeno : user_pref("CT3072253.HasUserGlobalKeys", true);
Nalezeno : user_pref("CT3072253.HomePageProtectorEnabled", false);
Nalezeno : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://www.seznam.cz/");
Nalezeno : user_pref("CT3072253.Initialize", true);
Nalezeno : user_pref("CT3072253.InitializeCommonPrefs", true);
Nalezeno : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Nalezeno : user_pref("CT3072253.InstallationId", "fft3E.tmp.exe");
Nalezeno : user_pref("CT3072253.InstallationType", "XPE");
Nalezeno : user_pref("CT3072253.InstalledDate", "Fri May 04 2012 21:47:50 GMT+0200");
Nalezeno : user_pref("CT3072253.InvalidateCache", false);
Nalezeno : user_pref("CT3072253.IsAlertDBUpdated", true);
Nalezeno : user_pref("CT3072253.IsGrouping", false);
Nalezeno : user_pref("CT3072253.IsInitSetupIni", true);
Nalezeno : user_pref("CT3072253.IsMulticommunity", false);
Nalezeno : user_pref("CT3072253.IsOpenThankYouPage", true);
Nalezeno : user_pref("CT3072253.IsOpenUninstallPage", false);
Nalezeno : user_pref("CT3072253.LanguagePackLastCheckTime", "Sat May 12 2012 10:11:55 GMT+0200");
Nalezeno : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Nalezeno : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Nalezeno : user_pref("CT3072253.LastLogin_3.12.0.8", "Sun May 06 2012 01:36:24 GMT+0200");
Nalezeno : user_pref("CT3072253.LastLogin_3.12.2.3", "Sat May 12 2012 10:11:55 GMT+0200");
Nalezeno : user_pref("CT3072253.LatestVersion", "3.12.2.3");
Nalezeno : user_pref("CT3072253.Locale", "en");
Nalezeno : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Nalezeno : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Nalezeno : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Nalezeno : user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
Nalezeno : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Nalezeno : user_pref("CT3072253.RadioLastCheckTime", "0");
Nalezeno : user_pref("CT3072253.RadioLastUpdateIPServer", "0");
Nalezeno : user_pref("CT3072253.RadioLastUpdateServer", "0");
Nalezeno : user_pref("CT3072253.SHRINK_TOOLBAR", 1);
Nalezeno : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Nalezeno : user_pref("CT3072253.SearchEngineBeforeUnload", "Ask.com");
Nalezeno : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Nalezeno : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Nalezeno : user_pref("CT3072253.SearchInNewTabEnabled", true);
Nalezeno : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Nalezeno : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Sat May 12 2012 10:11:54 GMT+0200");
Nalezeno : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Nalezeno : user_pref("CT3072253.SearchProtectorEnabled", false);
Nalezeno : user_pref("CT3072253.SearchProtectorToolbarDisabled", true);
Nalezeno : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Nalezeno : user_pref("CT3072253.ServiceMapLastCheckTime", "Sat May 12 2012 10:11:54 GMT+0200");
Nalezeno : user_pref("CT3072253.SettingsLastCheckTime", "Sat May 12 2012 10:12:33 GMT+0200");
Nalezeno : user_pref("CT3072253.SettingsLastUpdate", "1336064285");
Nalezeno : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Nalezeno : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Nalezeno : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Fri May 04 2012 21:47:48 GMT+0200");
Nalezeno : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1312887586");
Nalezeno : user_pref("CT3072253.ToolbarDisabled", true);
Nalezeno : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Nalezeno : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Nalezeno : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Nalezeno : user_pref("CT3072253.UserID", "UN27487169882599243");
Nalezeno : user_pref("CT3072253.ValidationData_Toolbar", 2);
Nalezeno : user_pref("CT3072253.alertChannelId", "1463702");
Nalezeno : user_pref("CT3072253.autoDisableScopes", -1);
Nalezeno : user_pref("CT3072253.backendstorage.cbcountry_000", "435A");
Nalezeno : user_pref("CT3072253.backendstorage.cbfirsttime", "467269204D617920303420323031322032313A34373A35362[...]
Nalezeno : user_pref("CT3072253.backendstorage.url_history0001", "687474703A2F2F647261676F6E6167652E62696F77617[...]
Nalezeno : user_pref("CT3072253.components.129573915102477663", false);
Nalezeno : user_pref("CT3072253.components.129593762370823811", false);
Nalezeno : user_pref("CT3072253.components.129749445881800338", false);
Nalezeno : user_pref("CT3072253.components.129805375651312503", false);
Nalezeno : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Nalezeno : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Fri May 04 2012 21:47:51 GMT+0200");
Nalezeno : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Nalezeno : user_pref("CT3072253.initDone", true);
Nalezeno : user_pref("CT3072253.isAppTrackingManagerOn", true);
Nalezeno : user_pref("CT3072253.myStuffEnabled", true);
Nalezeno : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Nalezeno : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Nalezeno : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Nalezeno : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Nalezeno : user_pref("CT3072253.navigateToUrlOnSearch", false);
Nalezeno : user_pref("CT3072253.revertSettingsEnabled", true);
Nalezeno : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Nalezeno : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Nalezeno : user_pref("CT3072253.testingCtid", "");
Nalezeno : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Sat May 12 2012 10:11:55 GMT+0200");
Nalezeno : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Fri May 04 2012 21:47:53 GMT+0200");
Nalezeno : user_pref("CT3072253.usagesFlag", 2);
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/CZ", "\"0\"[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e[...]
Nalezeno : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Matt\\Data aplikac[...]
Nalezeno : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Nalezeno : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.seznam.cz/?sourceid=FF_5&q[...]
Nalezeno : user_pref("CommunityToolbar.ToolbarsList", "CT1750559,CT3072253");
Nalezeno : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559,CT3072253");
Nalezeno : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
Nalezeno : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Oct 16 2011 21:42:02 GMT+0200");
Nalezeno : user_pref("CommunityToolbar.globalUserId", "e4c94a29-66c5-467e-a3b9-fd667c829c83");
Nalezeno : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Nalezeno : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Nalezeno : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Nalezeno : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 12 2012 10:11:5[...]
Nalezeno : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Nalezeno : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Nalezeno : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Apr 11 2012 19:57:05 GMT+020[...]
Nalezeno : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Nalezeno : user_pref("CommunityToolbar.notifications.locale", "en");
Nalezeno : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Nalezeno : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat May 12 2012 10:11:54 GMT+0200");
Nalezeno : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Nalezeno : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Nalezeno : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Nalezeno : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Nalezeno : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Nalezeno : user_pref("CommunityToolbar.notifications.userId", "3bb0ac83-a00b-4898-854b-23996a4de080");
Nalezeno : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.seznam.cz/");
Nalezeno : user_pref("CommunityToolbar.originalSearchEngine", "Ask.com");
Nalezeno : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb201?a=6PQX4gseeA&i=26");
Nalezeno : user_pref("browser.search.defaultengine", "Ask.com");
Nalezeno : user_pref("browser.search.defaultenginename", "MyStart Search");
Nalezeno : user_pref("browser.search.defaultthis.engineName", "BS Player Customized Web Search");
Nalezeno : user_pref("browser.search.order.1", "Ask.com");
Nalezeno : user_pref("extensions.incredibar.admin", false);
Nalezeno : user_pref("extensions.incredibar.aflt", "orgnl");
Nalezeno : user_pref("extensions.incredibar.cntry", "CZ");
Nalezeno : user_pref("extensions.incredibar.dfltLng", "");
Nalezeno : user_pref("extensions.incredibar.dfltSrch", false);
Nalezeno : user_pref("extensions.incredibar.did", "10643");
Nalezeno : user_pref("extensions.incredibar.envrmnt", "production");
Nalezeno : user_pref("extensions.incredibar.excTlbr", false);
Nalezeno : user_pref("extensions.incredibar.hdrMd5", "4A2DDF32951B567ADE161387EE3B50FB");
Nalezeno : user_pref("extensions.incredibar.hmpg", false);
Nalezeno : user_pref("extensions.incredibar.id", "f882ca9b0000000000000023f830edff");
Nalezeno : user_pref("extensions.incredibar.installerproductid", "26");
Nalezeno : user_pref("extensions.incredibar.instlDay", "15732");
Nalezeno : user_pref("extensions.incredibar.instlRef", "");
Nalezeno : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1412:13:26");
Nalezeno : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Nalezeno : user_pref("extensions.incredibar.newTab", false);
Nalezeno : user_pref("extensions.incredibar.noFFXTlbr", false);
Nalezeno : user_pref("extensions.incredibar.ppd", "1");
Nalezeno : user_pref("extensions.incredibar.prdct", "incredibar");
Nalezeno : user_pref("extensions.incredibar.productid", "26");
Nalezeno : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Nalezeno : user_pref("extensions.incredibar.sg", "none");
Nalezeno : user_pref("extensions.incredibar.smplGrp", "none");
Nalezeno : user_pref("extensions.incredibar.tlbrId", "base");
Nalezeno : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQX4gseeA&loc=IB_T[...]
Nalezeno : user_pref("extensions.incredibar.upn2", "6PQX4gseeA");
Nalezeno : user_pref("extensions.incredibar.upn2n", "92544343743513888");
Nalezeno : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Nalezeno : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1412:13:26");
Nalezeno : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Nalezeno : user_pref("extensions.incredibar_i.aflt", "orgnl");
Nalezeno : user_pref("extensions.incredibar_i.dfltLng", "");
Nalezeno : user_pref("extensions.incredibar_i.did", "10643");
Nalezeno : user_pref("extensions.incredibar_i.excTlbr", false);
Nalezeno : user_pref("extensions.incredibar_i.id", "f882ca9b0000000000000023f830edff");
Nalezeno : user_pref("extensions.incredibar_i.installerproductid", "26");
Nalezeno : user_pref("extensions.incredibar_i.instlDay", "15732");
Nalezeno : user_pref("extensions.incredibar_i.instlRef", "");
Nalezeno : user_pref("extensions.incredibar_i.ms_url_id", "");
Nalezeno : user_pref("extensions.incredibar_i.newTab", false);
Nalezeno : user_pref("extensions.incredibar_i.ppd", "1");
Nalezeno : user_pref("extensions.incredibar_i.prdct", "incredibar");
Nalezeno : user_pref("extensions.incredibar_i.productid", "26");
Nalezeno : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Nalezeno : user_pref("extensions.incredibar_i.smplGrp", "none");
Nalezeno : user_pref("extensions.incredibar_i.tlbrId", "base");
Nalezeno : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQX4gseeA&loc=IB[...]
Nalezeno : user_pref("extensions.incredibar_i.upn2", "6PQX4gseeA");
Nalezeno : user_pref("extensions.incredibar_i.upn2n", "92544343743513888");
Nalezeno : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Nalezeno : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1412:13:26");
Nalezeno : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Nalezeno : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&a=6PQX4gseeA&&i=26&search="[...]

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Documents and Settings\Matt\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [27080 octets] - [11/05/2013 20:12:35]

########## EOF - C:\AdwCleaner[R1].txt - [27141 octets] ##########

#5 Příspěvek od **Mc_Murphy** » 12 kvě 2013 08:51

No je tam toho fest.

Provedeme opravy.

Spusť AdwCleaner znovu.
Klikni na [Delete].
PC provede opravu, restartuje se a vytvoří log C:\AdwCleaner [S1].txt - jeho obsah mi sem zase vlož.

bmwacs · #6 Příspěvek od **bmwacs** » 12 kvě 2013 13:30

Opravdu no tak to jsem nečekal

bmwacs · #7 Příspěvek od **bmwacs** » 12 kvě 2013 13:30

# AdwCleaner v2.300 - Log vytvooen 12/05/2013 v 13:50:24
# Aktualizováno 28/04/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Matt - MATT-A14BB20269
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Matt\Plocha\adwcleaner.exe
# Volba [Vymazat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\Ask
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\Conduit
Složka Vymazáno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\ConduitCommon
Složka Vymazáno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\CT1750559
Složka Vymazáno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\CT3072253
Složka Vymazáno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Složka Vymazáno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Složka Vymazáno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\extensions\ffxtlbr@incredibar.com
Složka Vymazáno : C:\Documents and Settings\Matt\Local Settings\Data aplikací\APN
Složka Vymazáno : C:\Documents and Settings\Matt\Local Settings\Data aplikací\Conduit
Složka Vymazáno : C:\Program Files\Conduit
Složka Vymazáno : C:\Program Files\DAEMON Tools Toolbar
Složka Vymazáno : C:\Program Files\ICQ6Toolbar
Složka Vymazáno : C:\Program Files\Perion
Soubor Vymazáno : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\searchplugins\MyStart Search.xml
Soubor Vymazáno : C:\user.js

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\IM
Klíe Vymazáno : HKCU\Software\ImInstaller
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT2645238
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Klíe Vymazáno : HKLM\Software\IB Updater
Klíe Vymazáno : HKLM\Software\PIP

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb201?a=6PQX4gseeA&i=26 --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (cs)

Soubor : C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\prefs.js

C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\user.js ... Vymazáno !

Vymazáno : user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Vymazáno : user_pref("CT1750559.CTID", "CT1750559");
Vymazáno : user_pref("CT1750559.CurrentServerDate", "26-1-2011");
Vymazáno : user_pref("CT1750559.DialogsAlignMode", "LTR");
Vymazáno : user_pref("CT1750559.FirstServerDate", "12-12-2010");
Vymazáno : user_pref("CT1750559.FirstTime", true);
Vymazáno : user_pref("CT1750559.FirstTimeFF3", true);
Vymazáno : user_pref("CT1750559.FixPageNotFoundErrors", true);
Vymazáno : user_pref("CT1750559.GroupingServerCheckInterval", 1440);
Vymazáno : user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Vymazáno : user_pref("CT1750559.Initialize", true);
Vymazáno : user_pref("CT1750559.InitializeCommonPrefs", true);
Vymazáno : user_pref("CT1750559.InstalledDate", "Sun Dec 12 2010 13:34:44 GMT+0100");
Vymazáno : user_pref("CT1750559.InvalidateCache", false);
Vymazáno : user_pref("CT1750559.IsGrouping", false);
Vymazáno : user_pref("CT1750559.IsMulticommunity", false);
Vymazáno : user_pref("CT1750559.IsOpenThankYouPage", true);
Vymazáno : user_pref("CT1750559.IsOpenUninstallPage", true);
Vymazáno : user_pref("CT1750559.LanguagePackLastCheckTime", "Sun Oct 16 2011 21:42:04 GMT+0200");
Vymazáno : user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
Vymazáno : user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Vymazáno : user_pref("CT1750559.LastLogin_2.5.6.0", "Sun Oct 16 2011 21:42:07 GMT+0200");
Vymazáno : user_pref("CT1750559.LatestVersion", "3.2.5.2");
Vymazáno : user_pref("CT1750559.Locale", "en-us");
Vymazáno : user_pref("CT1750559.LoginCache", 4);
Vymazáno : user_pref("CT1750559.MCDetectTooltipHeight", "83");
Vymazáno : user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Vymazáno : user_pref("CT1750559.MCDetectTooltipWidth", "295");
Vymazáno : user_pref("CT1750559.RadioIsPodcast", false);
Vymazáno : user_pref("CT1750559.RadioLastCheckTime", "Sun Oct 16 2011 21:42:03 GMT+0200");
Vymazáno : user_pref("CT1750559.RadioLastUpdateIPServer", "3");
Vymazáno : user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
Vymazáno : user_pref("CT1750559.RadioMediaID", "11237206");
Vymazáno : user_pref("CT1750559.RadioMediaType", "Media Player");
Vymazáno : user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
Vymazáno : user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
Vymazáno : user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
Vymazáno : user_pref("CT1750559.SHRINK_TOOLBAR", 1);
Vymazáno : user_pref("CT1750559.SavedHomepage", "hxxp://www.seznam.cz");
Vymazáno : user_pref("CT1750559.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Vymazáno : user_pref("CT1750559.SearchFromAddressBarIsInit", true);
Vymazáno : user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT175[...]
Vymazáno : user_pref("CT1750559.SearchInNewTabEnabled", true);
Vymazáno : user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
Vymazáno : user_pref("CT1750559.SearchInNewTabLastCheckTime", "Sun Oct 16 2011 21:42:02 GMT+0200");
Vymazáno : user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Vymazáno : user_pref("CT1750559.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Vymazáno : user_pref("CT1750559.SettingsCheckIntervalMin", 120);
Vymazáno : user_pref("CT1750559.SettingsLastCheckTime", "Sun Oct 16 2011 21:42:02 GMT+0200");
Vymazáno : user_pref("CT1750559.SettingsLastUpdate", "1316435446");
Vymazáno : user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
Vymazáno : user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Sun Oct 16 2011 21:42:02 GMT+0200");
Vymazáno : user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1312887586");
Vymazáno : user_pref("CT1750559.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Vymazáno : user_pref("CT1750559.UserID", "UN55813428512695778");
Vymazáno : user_pref("CT1750559.WeatherNetwork", "");
Vymazáno : user_pref("CT1750559.WeatherPollDate", "Sun Oct 16 2011 21:42:04 GMT+0200");
Vymazáno : user_pref("CT1750559.WeatherUnit", "C");
Vymazáno : user_pref("CT1750559.alertChannelId", "31130");
Vymazáno : user_pref("CT1750559.backendstorage.amazonnew_all", "313534333131312C313637333032312C313637333134312[...]
Vymazáno : user_pref("CT1750559.backendstorage.appbuttondisablenull", "30");
Vymazáno : user_pref("CT1750559.clientLogIsEnabled", false);
Vymazáno : user_pref("CT1750559.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Vymazáno : user_pref("CT1750559.myStuffEnabled", true);
Vymazáno : user_pref("CT1750559.myStuffPublihserMinWidth", 400);
Vymazáno : user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Vymazáno : user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
Vymazáno : user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Vymazáno : user_pref("CT1750559.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Vymazáno : user_pref("CT3072253..clientLogIsEnabled", true);
Vymazáno : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Vymazáno : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Vymazáno : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Vymazáno : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Vymazáno : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Vymazáno : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Vymazáno : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Vymazáno : user_pref("CT3072253.CTID", "CT3072253");
Vymazáno : user_pref("CT3072253.CommunitiesChangesLastCheckTime", "0");
Vymazáno : user_pref("CT3072253.CurrentServerDate", "12-5-2012");
Vymazáno : user_pref("CT3072253.DSInstall", false);
Vymazáno : user_pref("CT3072253.DialogsAlignMode", "LTR");
Vymazáno : user_pref("CT3072253.DialogsGetterLastCheckTime", "Sat May 12 2012 10:11:55 GMT+0200");
Vymazáno : user_pref("CT3072253.DownloadReferralCookieData", "");
Vymazáno : user_pref("CT3072253.FirstServerDate", "4-5-2012");
Vymazáno : user_pref("CT3072253.FirstTime", true);
Vymazáno : user_pref("CT3072253.FirstTimeFF3", true);
Vymazáno : user_pref("CT3072253.FixPageNotFoundErrors", true);
Vymazáno : user_pref("CT3072253.GroupingInvalidateCache", false);
Vymazáno : user_pref("CT3072253.GroupingLastCheckTime", "0");
Vymazáno : user_pref("CT3072253.GroupingLastServerUpdateTime", "0");
Vymazáno : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Vymazáno : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Vymazáno : user_pref("CT3072253.HPInstall", false);
Vymazáno : user_pref("CT3072253.HasUserGlobalKeys", true);
Vymazáno : user_pref("CT3072253.HomePageProtectorEnabled", false);
Vymazáno : user_pref("CT3072253.HomepageBeforeUnload", "hxxp://www.seznam.cz/");
Vymazáno : user_pref("CT3072253.Initialize", true);
Vymazáno : user_pref("CT3072253.InitializeCommonPrefs", true);
Vymazáno : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Vymazáno : user_pref("CT3072253.InstallationId", "fft3E.tmp.exe");
Vymazáno : user_pref("CT3072253.InstallationType", "XPE");
Vymazáno : user_pref("CT3072253.InstalledDate", "Fri May 04 2012 21:47:50 GMT+0200");
Vymazáno : user_pref("CT3072253.InvalidateCache", false);
Vymazáno : user_pref("CT3072253.IsAlertDBUpdated", true);
Vymazáno : user_pref("CT3072253.IsGrouping", false);
Vymazáno : user_pref("CT3072253.IsInitSetupIni", true);
Vymazáno : user_pref("CT3072253.IsMulticommunity", false);
Vymazáno : user_pref("CT3072253.IsOpenThankYouPage", true);
Vymazáno : user_pref("CT3072253.IsOpenUninstallPage", false);
Vymazáno : user_pref("CT3072253.LanguagePackLastCheckTime", "Sat May 12 2012 10:11:55 GMT+0200");
Vymazáno : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Vymazáno : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Vymazáno : user_pref("CT3072253.LastLogin_3.12.0.8", "Sun May 06 2012 01:36:24 GMT+0200");
Vymazáno : user_pref("CT3072253.LastLogin_3.12.2.3", "Sat May 12 2012 10:11:55 GMT+0200");
Vymazáno : user_pref("CT3072253.LatestVersion", "3.12.2.3");
Vymazáno : user_pref("CT3072253.Locale", "en");
Vymazáno : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Vymazáno : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Vymazáno : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Vymazáno : user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
Vymazáno : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Vymazáno : user_pref("CT3072253.RadioLastCheckTime", "0");
Vymazáno : user_pref("CT3072253.RadioLastUpdateIPServer", "0");
Vymazáno : user_pref("CT3072253.RadioLastUpdateServer", "0");
Vymazáno : user_pref("CT3072253.SHRINK_TOOLBAR", 1);
Vymazáno : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Vymazáno : user_pref("CT3072253.SearchEngineBeforeUnload", "Ask.com");
Vymazáno : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Vymazáno : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT307[...]
Vymazáno : user_pref("CT3072253.SearchInNewTabEnabled", true);
Vymazáno : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Vymazáno : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Sat May 12 2012 10:11:54 GMT+0200");
Vymazáno : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Vymazáno : user_pref("CT3072253.SearchProtectorEnabled", false);
Vymazáno : user_pref("CT3072253.SearchProtectorToolbarDisabled", true);
Vymazáno : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Vymazáno : user_pref("CT3072253.ServiceMapLastCheckTime", "Sat May 12 2012 10:11:54 GMT+0200");
Vymazáno : user_pref("CT3072253.SettingsLastCheckTime", "Sat May 12 2012 10:12:33 GMT+0200");
Vymazáno : user_pref("CT3072253.SettingsLastUpdate", "1336064285");
Vymazáno : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Vymazáno : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Vymazáno : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Fri May 04 2012 21:47:48 GMT+0200");
Vymazáno : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1312887586");
Vymazáno : user_pref("CT3072253.ToolbarDisabled", true);
Vymazáno : user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
Vymazáno : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Vymazáno : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Vymazáno : user_pref("CT3072253.UserID", "UN27487169882599243");
Vymazáno : user_pref("CT3072253.ValidationData_Toolbar", 2);
Vymazáno : user_pref("CT3072253.alertChannelId", "1463702");
Vymazáno : user_pref("CT3072253.autoDisableScopes", -1);
Vymazáno : user_pref("CT3072253.backendstorage.cbcountry_000", "435A");
Vymazáno : user_pref("CT3072253.backendstorage.cbfirsttime", "467269204D617920303420323031322032313A34373A35362[...]
Vymazáno : user_pref("CT3072253.backendstorage.url_history0001", "687474703A2F2F647261676F6E6167652E62696F77617[...]
Vymazáno : user_pref("CT3072253.components.129573915102477663", false);
Vymazáno : user_pref("CT3072253.components.129593762370823811", false);
Vymazáno : user_pref("CT3072253.components.129749445881800338", false);
Vymazáno : user_pref("CT3072253.components.129805375651312503", false);
Vymazáno : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Vymazáno : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Fri May 04 2012 21:47:51 GMT+0200");
Vymazáno : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Vymazáno : user_pref("CT3072253.initDone", true);
Vymazáno : user_pref("CT3072253.isAppTrackingManagerOn", true);
Vymazáno : user_pref("CT3072253.myStuffEnabled", true);
Vymazáno : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Vymazáno : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Vymazáno : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Vymazáno : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Vymazáno : user_pref("CT3072253.navigateToUrlOnSearch", false);
Vymazáno : user_pref("CT3072253.revertSettingsEnabled", true);
Vymazáno : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Vymazáno : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Vymazáno : user_pref("CT3072253.testingCtid", "");
Vymazáno : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Sat May 12 2012 10:11:55 GMT+0200");
Vymazáno : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Fri May 04 2012 21:47:53 GMT+0200");
Vymazáno : user_pref("CT3072253.usagesFlag", 2);
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/CZ", "\"0\"[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", [...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253",[...]
Vymazáno : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e[...]
Vymazáno : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Matt\\Data aplikac[...]
Vymazáno : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Vymazáno : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.seznam.cz/?sourceid=FF_5&q[...]
Vymazáno : user_pref("CommunityToolbar.ToolbarsList", "CT1750559,CT3072253");
Vymazáno : user_pref("CommunityToolbar.ToolbarsList2", "CT1750559,CT3072253");
Vymazáno : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
Vymazáno : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Oct 16 2011 21:42:02 GMT+0200");
Vymazáno : user_pref("CommunityToolbar.globalUserId", "e4c94a29-66c5-467e-a3b9-fd667c829c83");
Vymazáno : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Vymazáno : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Vymazáno : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Vymazáno : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 12 2012 10:11:5[...]
Vymazáno : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Vymazáno : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Vymazáno : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Apr 11 2012 19:57:05 GMT+020[...]
Vymazáno : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Vymazáno : user_pref("CommunityToolbar.notifications.locale", "en");
Vymazáno : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Vymazáno : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat May 12 2012 10:11:54 GMT+0200");
Vymazáno : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Vymazáno : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Vymazáno : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Vymazáno : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Vymazáno : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Vymazáno : user_pref("CommunityToolbar.notifications.userId", "3bb0ac83-a00b-4898-854b-23996a4de080");
Vymazáno : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.seznam.cz/");
Vymazáno : user_pref("CommunityToolbar.originalSearchEngine", "Ask.com");
Vymazáno : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb201?a=6PQX4gseeA&i=26");
Vymazáno : user_pref("browser.search.defaultengine", "Ask.com");
Vymazáno : user_pref("browser.search.defaultenginename", "MyStart Search");
Vymazáno : user_pref("browser.search.defaultthis.engineName", "BS Player Customized Web Search");
Vymazáno : user_pref("browser.search.order.1", "Ask.com");
Vymazáno : user_pref("extensions.incredibar.admin", false);
Vymazáno : user_pref("extensions.incredibar.aflt", "orgnl");
Vymazáno : user_pref("extensions.incredibar.cntry", "CZ");
Vymazáno : user_pref("extensions.incredibar.dfltLng", "");
Vymazáno : user_pref("extensions.incredibar.dfltSrch", false);
Vymazáno : user_pref("extensions.incredibar.did", "10643");
Vymazáno : user_pref("extensions.incredibar.envrmnt", "production");
Vymazáno : user_pref("extensions.incredibar.excTlbr", false);
Vymazáno : user_pref("extensions.incredibar.hdrMd5", "4A2DDF32951B567ADE161387EE3B50FB");
Vymazáno : user_pref("extensions.incredibar.hmpg", false);
Vymazáno : user_pref("extensions.incredibar.id", "f882ca9b0000000000000023f830edff");
Vymazáno : user_pref("extensions.incredibar.installerproductid", "26");
Vymazáno : user_pref("extensions.incredibar.instlDay", "15732");
Vymazáno : user_pref("extensions.incredibar.instlRef", "");
Vymazáno : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1412:13:26");
Vymazáno : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Vymazáno : user_pref("extensions.incredibar.newTab", false);
Vymazáno : user_pref("extensions.incredibar.noFFXTlbr", false);
Vymazáno : user_pref("extensions.incredibar.ppd", "1");
Vymazáno : user_pref("extensions.incredibar.prdct", "incredibar");
Vymazáno : user_pref("extensions.incredibar.productid", "26");
Vymazáno : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Vymazáno : user_pref("extensions.incredibar.sg", "none");
Vymazáno : user_pref("extensions.incredibar.smplGrp", "none");
Vymazáno : user_pref("extensions.incredibar.tlbrId", "base");
Vymazáno : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQX4gseeA&loc=IB_T[...]
Vymazáno : user_pref("extensions.incredibar.upn2", "6PQX4gseeA");
Vymazáno : user_pref("extensions.incredibar.upn2n", "92544343743513888");
Vymazáno : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Vymazáno : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1412:13:26");
Vymazáno : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Vymazáno : user_pref("extensions.incredibar_i.aflt", "orgnl");
Vymazáno : user_pref("extensions.incredibar_i.dfltLng", "");
Vymazáno : user_pref("extensions.incredibar_i.did", "10643");
Vymazáno : user_pref("extensions.incredibar_i.excTlbr", false);
Vymazáno : user_pref("extensions.incredibar_i.id", "f882ca9b0000000000000023f830edff");
Vymazáno : user_pref("extensions.incredibar_i.installerproductid", "26");
Vymazáno : user_pref("extensions.incredibar_i.instlDay", "15732");
Vymazáno : user_pref("extensions.incredibar_i.instlRef", "");
Vymazáno : user_pref("extensions.incredibar_i.ms_url_id", "");
Vymazáno : user_pref("extensions.incredibar_i.newTab", false);
Vymazáno : user_pref("extensions.incredibar_i.ppd", "1");
Vymazáno : user_pref("extensions.incredibar_i.prdct", "incredibar");
Vymazáno : user_pref("extensions.incredibar_i.productid", "26");
Vymazáno : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Vymazáno : user_pref("extensions.incredibar_i.smplGrp", "none");
Vymazáno : user_pref("extensions.incredibar_i.tlbrId", "base");
Vymazáno : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQX4gseeA&loc=IB[...]
Vymazáno : user_pref("extensions.incredibar_i.upn2", "6PQX4gseeA");
Vymazáno : user_pref("extensions.incredibar_i.upn2n", "92544343743513888");
Vymazáno : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Vymazáno : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1412:13:26");
Vymazáno : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Vymazáno : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&a=6PQX4gseeA&&i=26&search="[...]

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Documents and Settings\Matt\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [27211 octets] - [11/05/2013 20:12:35]
AdwCleaner[S1].txt - [26608 octets] - [12/05/2013 13:50:24]

########## EOF - C:\AdwCleaner[S1].txt - [26669 octets] ##########

#8 Příspěvek od **Mc_Murphy** » 12 kvě 2013 14:29

Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ulož jej nejlépe na Plochu.
Ukonči všechny programy!
Spusť RogueKiller.
Počkej, než program dokončí Prescan.
Potom klikni na tlačítko [Prohledat] a počkej, až prohlídka proběhne.
Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.
Detailní postup včetně obrázků najdeš zde: http://forum.viry.cz/viewtopic.php?f=24&t=120452

bmwacs · #9 Příspěvek od **bmwacs** » 12 kvě 2013 14:49

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Matt [Práva správce]
Mód : Kontrola -- Datum : 05/12/2013 15:48:55
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD800JD-55MUA1 +++++
--- User ---
[MBR] d74b1b01a6c91989a67ce4623dbadf1b
[BSP] b2d3d31853a821bf964f34fe66322922 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive1: ST380811AS +++++
--- User ---
[MBR] 5ea1ea4d99f1d078ec8e3a851b647db5
[BSP] 1b12ef102c6dc67f9b8e2329c3dba27a : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_05122013_02d1548.txt >>
RKreport[1]_S_05122013_02d1548.txt

#10 Příspěvek od **Mc_Murphy** » 13 kvě 2013 15:02

Takže provedeme další opravy.

Ukonči všechny programy!
Spusť RogueKiller.
Počkej, než program dokončí Prescan.
Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
V záložce Registry nech všechny nálezy označeny.
Klikni na tlačítko [Smazat] a následně na [Zpráva] - otevře se log, ten mi sem vlož.
Pak ještě klikni na tlačítko [Oprava Hosts] a potom opět na [Zpráva] - otevře se další log, který mi sem také vlož.

bmwacs · #11 Příspěvek od **bmwacs** » 14 kvě 2013 21:00

prohlížeč může být spuštěný? a MS essential mám vypnout?

bmwacs · #12 Příspěvek od **bmwacs** » 14 kvě 2013 21:02

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Matt [Práva správce]
Mód : Odebrat -- Datum : 05/14/2013 22:02:13
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD800JD-55MUA1 +++++
--- User ---
[MBR] d74b1b01a6c91989a67ce4623dbadf1b
[BSP] b2d3d31853a821bf964f34fe66322922 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive1: ST380811AS +++++
--- User ---
[MBR] 5ea1ea4d99f1d078ec8e3a851b647db5
[BSP] 1b12ef102c6dc67f9b8e2329c3dba27a : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[3]_D_05142013_02d2202.txt >>
RKreport[1]_S_05122013_02d1548.txt ; RKreport[2]_S_05142013_02d2201.txt ; RKreport[3]_D_05142013_02d2202.txt

bmwacs · #13 Příspěvek od **bmwacs** » 14 kvě 2013 21:03

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Matt [Práva správce]
Mód : Oprava HOSTS -- Datum : 05/14/2013 22:02:55
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_05142013_02d2202.txt >>
RKreport[1]_S_05122013_02d1548.txt ; RKreport[2]_S_05142013_02d2201.txt ; RKreport[3]_D_05142013_02d2202.txt ; RKreport[4]_H_05142013_02d2202.txt

#14 Příspěvek od **Mc_Murphy** » 15 kvě 2013 10:13

bmwacs píše:prohlížeč může být spuštěný? a MS essential mám vypnout?

Když napíšu v návodu "všechny programy", pravděpodobně tím myslím "všechny programy"... takže torrenty, prohížeče, wordy, excely, hry a další samozřejmě vypnout.
Antiviry vypnout jen v případě, že napíšu "vypnout antiviry" nebo pokud zjistíš, že je při současném spuštěném antiviru (či firewallu) a dané utility zaznamenán nějaký problém.

Vlož mi sem prosím nový aktuální log ze RSITu, ať se podívám, co se povedlo a co zatím ne.

bmwacs · #15 Příspěvek od **bmwacs** » 16 kvě 2013 18:19

Logfile of random's system information tool 1.09 (written by random/random)
Run by Matt at 2013-05-16 19:18:23
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 27 GB (35%) free of 76 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:18:31, on 16.5.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ZyXEL\NWD-270N\Common\RalinkRegistryWriter.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Matt\Plocha\RSIT.exe
C:\Program Files\trend micro\Matt.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [GEST] m‘|Pë
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Matt\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: WinMySQLadmin.lnk = C:\apache\mysql\bin\winmysqladmin.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\ZyXEL\NWD-270N\Common\RalinkRegistryWriter.exe

--
End of file - 6235 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-484763869-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-484763869-839522115-1003UA.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F0761E82-9E0D-4738-BA00-7533A8120EF1}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.5.6.0, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
firmycz.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
mapycz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
zbocz.xml

C:\Documents and Settings\Matt\Data aplikací\Mozilla\Firefox\Profiles\umqgq4uc.default\searchplugins\
wowhead.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-07 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-11-22 4529344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-07 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-04-07 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GEST"=m‘|Pë []
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-12-04 665424]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-09-03 19573352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Matt\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-12-01 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

C:\Documents and Settings\Matt\Nabídka Start\Programy\Po spuštění
WinMySQLadmin.lnk - C:\apache\mysql\bin\winmysqladmin.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\apache\Apache.exe"="C:\apache\Apache.exe:*:Disabled:Apache"
"D:\Games\Command & Conquer 4 Tiberian Twilight\Data\CNC4SERVER.exe"="D:\Games\Command & Conquer 4 Tiberian Twilight\Data\CNC4SERVER.exe:*:Enabled:CNC4SERVER"
"D:\Games\Command & Conquer 4 Tiberian Twilight\Data\CNC4.exe"="D:\Games\Command & Conquer 4 Tiberian Twilight\Data\CNC4.exe:*:Disabled:Command & Conquer™ 4"
"D:\Games\Elven Legacy\ElvenLegacy.exe"="D:\Games\Elven Legacy\ElvenLegacy.exe:*:Enabled:Elven Legacy"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1040\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1040\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1363\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1363\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1544\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1544\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\WINDOWS\system32\dmwu.exe"="C:\WINDOWS\system32\dmwu.exe:*:Enabled:dmwu"
"C:\WINDOWS\system32\ARFC\wrtc.exe"="C:\WINDOWS\system32\ARFC\wrtc.exe:*:Enabled:wrtc"
"D:\Games\Elven Legacy\magic.exe"="D:\Games\Elven Legacy\magic.exe:*:Enabled:Elven Legacy: Magic"
"D:\Games\Elven Legacy\siege.exe"="D:\Games\Elven Legacy\siege.exe:*:Enabled:Elven Legacy: Siege"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1637\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1637\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Program Files\Diablo III\Diablo III.exe"="C:\Program Files\Diablo III\Diablo III.exe:*:Enabled:Diablo III"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1675\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1675\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1737\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1737\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Program Files\PANDORA.TV\PanService\PanProcess.exe"="C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"D:\Games\Dragon Age 2\bin_ship\DragonAge2.exe"="D:\Games\Dragon Age 2\bin_ship\DragonAge2.exe:*:Enabled:Dragon Age II"
"D:\Games\Dragon Age 2\DragonAge2Launcher.exe"="D:\Games\Dragon Age 2\DragonAge2Launcher.exe:*:Enabled:Dragon Age II Launcher"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.ffds"=ffdshow.ax
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.ac3filter"=ac3filter.acm
"VIDC.WMV3"=wmv9vcm.dll

======List of files/folders created in the last 1 month======

2013-05-12 13:50:24 ----A---- C:\AdwCleaner[S1].txt
2013-05-11 20:12:35 ----A---- C:\AdwCleaner[R1].txt
2013-04-20 16:48:35 ----D---- C:\Documents and Settings\Matt\Data aplikací\Unity

======List of files/folders modified in the last 1 month======

2013-05-16 19:18:26 ----D---- C:\Program Files\trend micro
2013-05-16 19:15:47 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-16 19:15:21 ----D---- C:\WINDOWS\Temp
2013-05-16 19:14:41 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-14 23:08:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-14 22:04:00 ----D---- C:\WINDOWS\system32\drivers
2013-05-14 19:04:04 ----D---- C:\WINDOWS\Prefetch
2013-05-14 19:02:35 ----SD---- C:\WINDOWS\Tasks
2013-05-14 18:58:01 ----SHD---- C:\WINDOWS\Installer
2013-05-14 18:55:25 ----D---- C:\WINDOWS\system32
2013-05-12 21:01:10 ----D---- C:\WINDOWS
2013-05-12 20:30:31 ----D---- C:\Documents and Settings\Matt\Data aplikací\uTorrent
2013-05-12 18:58:47 ----D---- C:\Program Files\The KMPlayer
2013-05-12 17:23:03 ----D---- C:\Program Files\PokerStars
2013-05-12 13:50:44 ----RD---- C:\Program Files
2013-05-12 13:50:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2013-05-11 22:50:07 ----D---- C:\Program Files\Defraggler
2013-05-11 12:36:17 ----A---- C:\WINDOWS\NeroDigital.ini
2013-05-11 12:26:46 ----D---- C:\WINDOWS\Minidump
2013-05-11 12:24:46 ----D---- C:\Program Files\CCleaner
2013-05-11 12:23:55 ----D---- C:\Program Files\SpeedFan
2013-05-11 12:22:12 ----RD---- C:\Program Files\Skype
2013-05-11 12:22:12 ----D---- C:\Program Files\Common Files
2013-05-11 12:22:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-05-11 12:22:11 ----D---- C:\Documents and Settings\Matt\Data aplikací\Skype
2013-05-09 19:18:51 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2013-05-08 15:47:41 ----A---- C:\WINDOWS\AviSplitter.INI
2013-05-02 20:12:34 ----D---- C:\Program Files\uTorrent
2013-05-02 17:28:50 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-04-21 18:21:23 ----D---- C:\Documents and Settings\Matt\Data aplikací\DAEMON Tools Lite
2013-04-21 18:21:14 ----D---- C:\WINDOWS\Debug
2013-04-21 18:04:52 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-04-21 18:03:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2013-01-27 242240]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-11-24 21361]
R2 cpuz135;cpuz135; \??\C:\WINDOWS\system32\drivers\cpuz135_x32.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-09-03 6139496]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 rt2870;%Generic.Service.DispName%; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2008-10-01 637952]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-25 691696]
S1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys []
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-08-12 71936]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files\ZyXEL\NWD-270N\Common\RalinkRegistryWriter.exe [2008-05-13 69632]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-01-03 156600]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-03 1259448]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-21 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinDefend;Windows Defender; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]

-----------------EOF-----------------

VIRY.CZ

Prosím o kontrolu logu děkuji

Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji

Re: Prosím o kontrolu logu děkuji